![Page 1: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/1.jpg)
Metasploit – Embedded PDF Exploit
Metasploit – Embedded PDF Exploit
Presented by: Jesse LucasPresented by: Jesse Lucas
![Page 2: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/2.jpg)
Tools / AssumptionsTools / Assumptions
Attacker – BackTrack 4.2
• Metasploit Framework 3.0• PDF file for embedding
Victim – Windows XP
• File and Printer Sharing• Adobe Reader 8.0 – 9.0
![Page 3: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/3.jpg)
Exploit ConceptExploit Concept
• Attacker embeds exploit in a PDF file
• Victim opens the PDF file– Unknowingly saves and runs exploit
• Attacker takes control of victim machine
![Page 4: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/4.jpg)
![Page 5: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/5.jpg)
![Page 6: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/6.jpg)
![Page 7: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/7.jpg)
Exploit DemosExploit Demos
• Live Demo
• Offline Demo
![Page 8: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/8.jpg)
Start BackTrakStart BackTrak
![Page 9: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/9.jpg)
Open 2 TerminalsOpen 2 Terminals
![Page 10: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/10.jpg)
Open msfconsole in both TerminalsOpen msfconsole in both Terminals
![Page 11: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/11.jpg)
Setup ExploitSetup Exploit
![Page 12: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/12.jpg)
Setup Exploit HandlerSetup Exploit Handler
![Page 13: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/13.jpg)
Wait for Victim to Open PDFWait for Victim to Open PDF
![Page 14: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/14.jpg)
Prey on their IgnorancePrey on their Ignorance
![Page 15: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/15.jpg)
Victim is now a VictimVictim is now a Victim
![Page 16: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/16.jpg)
Attacker now has AccessAttacker now has Access
![Page 17: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/17.jpg)
Example of ControlExample of Control
![Page 18: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/18.jpg)
Example of Control (cont)Example of Control (cont)
![Page 19: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/19.jpg)
Setup Exploit 2Setup Exploit 2
![Page 20: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/20.jpg)
Setup Handler 2Setup Handler 2
![Page 21: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/21.jpg)
Wait for Victim to OpenWait for Victim to Open
![Page 22: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/22.jpg)
Prey on Victim’s IgnorancePrey on Victim’s Ignorance
![Page 23: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/23.jpg)
Ta Da! Attacker has a VNC Session
Ta Da! Attacker has a VNC Session
![Page 24: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/24.jpg)
Example of ControlExample of Control
![Page 25: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/25.jpg)
Example of Control (cont)Example of Control (cont)
![Page 26: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/26.jpg)
Prevent the AttackPrevent the Attack
• DO NOT open files from people you don’t know
• DO NOT allow firewall exceptions for applications you don’t know
• KEEP popular programs up to date
• DISABLE File and Printer Sharing if you aren’t using it
![Page 27: Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas](https://reader035.vdocuments.us/reader035/viewer/2022081503/56649d3e5503460f94a16f69/html5/thumbnails/27.jpg)
Questions?Questions?